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Description 

SYSTEM AND METHOD FOR 
FACILITATING INTERACTION BETWEEN 
CONSUMER AND MERCHANT 

Cross Reference to Related Applications 

[0001] This application is a continuation-in-part of, and claims 
priority to, U.S. Utility Patent Application entitled "System 
And Method For Facilitating Interaction Between Consumer 
And Merchant", Serial No. 10/299,891 filed on October 
19, 2002, the entire contents of which is hereby incorpo- 
rated by reference. 
Field of Invention 

[0002] This invention relates generally to an interactive market- 
ing system and method, and more specifically to a method 
and system for facilitating interaction between consumer 
and merchant via an interactive display in association with 

a strong security framework. 
Background of Invention 



[0003] For many years, merchants have used advertising to entice 
consumers to purchase goods and services. For example, 
merchants have traditionally appealed to consumers by 
presenting offers and advertisements on billboards, in 
magazines and newspapers, through direct mailings and 
telephone solicitations, and even using signs on the sides 
of buses. Merchants have also presented advertisements 
through broadcast media such as radio and television, and 
more recently via the internet and web broadcasts. 

[0004] Regardless of the medium through which merchants 

present their messages, however, those messages typi- 
cally attempt to create or grow, in a consumer, a desire 
for a particular product or service. Accordingly, in addition 
to consumers who may already be seeking the relevant 
goods or services, merchants use advertisements to reach 
consumers who may not be actively seeking the informa- 
tion presented in the advertisement and who may have 
been engaged in activities (e.g., watching television, driv- 
ing or riding in a car) completely unrelated to a quest for 
the advertised goods or services. 

[0005] Typically, such advertisements require a consumer to act 
in some way before a transaction for the advertised good 
or services can be completed. For example, regardless 



where a consumer may see or hear a particular advertise- 
ment, the consumer has historically been required to ei- 
ther travel to a point of purchase or dispatch a communi- 
cation (e.g., place a phone call, mail an order) to the mer- 
chant before a bargain for the advertised goods or ser- 
vices may be struck between the merchant and the con- 
sumer. Unfortunately for the merchant, however, the more 
complicated or onerous the required act or the more time 
that lapses between the consumer's receipt of the adver- 
tisement and the performance of the required act, the less 
likely that consumer is to complete the act. Conversely, 
the simpler and quicker the required act, the more likely a 
transaction is to be completed. Therefore, it is desirable 
to enable consumers to respond to advertisements and 
offers with minimal time and effort, and as expeditiously 
as possible after perceiving a particular advertisement. 
Based on this principle, merchants may place impulse 
items, such as gum and the like, near a grocery store 
checkout counter or may suggest the purchase of french 
fries following a consumer's order of a hamburger. 
[0006] yet, while such approaches may be effective where a con- 
sumer is already engaged in a transaction with the mer- 
chant, significant obstacles remain in situations where 



transactional activity is not already in progress. For exam- 
ple, where an advertisement is presented to a consumer 
via a television, and where the advertisement indicates 
that acceptance of the offer may be performed by placing 
a telephone call, the consumer must then place the tele- 
phone call and present some form of payment such as 
credit card, debit card or checking account information 
and must also provide identifying information, e.g., a 
shipping address. In many cases, these tasks are suffi- 
ciently onerous and time consuming to dissuade a con- 
sumer from responding to the advertisement. 
[0007] At the same time, it is well understood that the needs and 
wants of individual viewers within a viewing audience may 
vary greatly. Yet, advertisements that are adapted to be 
presented via traditional means, such as via television or 
radio broadcast, are typically presented without any con- 
sideration or adjustment for variations within the viewing 
audience. This is largely due to the fact that no satisfac- 
tory mechanism currently exists for adjusting a presenta- 
tion based on real-time feedback from a consumered 
consumer. In addition, advertisements for presentation via 
television broadcast are typically prepared well in advance 
of their broadcast. Accordingly, such advertisements are 



designed to consumer the largest portion of the viewing 
audience and are typically fixed, being incapable of modi- 
fication in response to feedback from one or more viewer. 
Thus, the content of such advertisements may not hold 
any significant appeal for significant portions of the con- 
sumer audience. Further, the non-targeted portions of the 
audience are typically those falling outside the main- 
stream. 

[0008] with the advent of the internet, consumers and merchants 
have been able to partially address the above-mentioned 
drawbacks of traditional advertising mechanisms. For ex- 
ample, merchants are now able to provide substantial 
amounts of information on web sites, thereby allowing 
consumers with very specific needs to find advertisements 
that suit their particularized needs. Moreover, once inter- 
net-equipped consumers have surfed to the advertise- 
ment presenting the desired good or service, their pur- 
chase is often made very simple and quick through the 
use of stored information and one-click purchase fea- 
tures. 

[0009] yet, even these systems do not completely solve the 

above-described problems because they typically require 
the consumer to have actively sought the desired goods or 



services. Accordingly, currently available internet capabili- 
ties may not be effective on attracting viewers who are not 
already seeking the advertised goods or services. There- 
fore, they may not be at all effective in persuading con- 
sumers who may be engaged in passive activities, such as 
watching television or web broadcasts. Moreover, con- 
sumers have become increasing concerned about security 
issues related to transmitting an account number (e.g., 
associated with a transaction card) over the internet or 
providing the account number to a customer service rep- 
resentative. Additionally, parents have become increas- 
ingly concerned about minors accessing certain web 
pages or purchasing certain items over the internet or 
over the phone. 

[0010] Accordingly, a need existed for a system and method for 
facilitating communication between a merchant and a 
consumer whereby a consumer engaged in a passive ac- 
tivity may be persuaded to seek a particular good or ser- 
vice and whereby the consumer may acquire such good or 
service from the merchant over a substantially secure 
framework with a minimum investment of time and effort, 
e.g., in an instantaneous and effortless manner. A further 
need existed for a system and method whereby advertise- 



merits may be adapted based on feedback provided by a 
particular consumer or in response to information con- 
cerning the consumer that may be stored in the facilitat- 
ing system. A still further need existed for a system and 
method that facilitates storage of information regarding 
the consumer and the consumer's desired payment 
method whereby such information may be communicated 
to a merchant to facilitate the consumer's response to an 

advertisement. 
Summary of Invention 

[0011] The invention facilitates interaction between a consumer 
and a merchant by, for example, registering the con- 
sumer, receiving offer information from the merchant, 
wherein the offer information relates to a product, cus- 
tomizing the offer information with consumer preference 
information to create an amended offer, transmitting the 
amended offer to a display for viewing by the consumer, 
receiving an acceptance from the consumer, wherein the 
acceptance is associated with the amended offer and the 
acceptance includes a security feature, amending the ac- 
ceptance with consumer payment information and identi- 
fication information to create an amended acceptance, 
and transmitting the amended acceptance to the mer- 



chant. In addition to the interface device, the system may 
include an offer retrieval engine, offer storage database, 
maintenance engine, amended offer engine, broadcast 
device, billing engine, authentication module, event 
tracker and/or offer evaluation device. 
[0012] The method may also include transmitting via television 
programming or web broadcast. The consumer may ac- 
cept the offer via a remote control, electronic pen, tele- 
phone, automatic dialing device, microphone, pager, radio 
frequency device, personal digital assistant, smart card, 
DVR, PVR, or simulated button. The security feature of the 
acceptance may include authentication, embedded certifi- 
cates, consumer ID and password, identifier, data encryp- 
tion, digital signature, secure file structures, or trusted 
third party downloads. Other security features include au- 
thenticating and authorizing a transaction. The system 
may also include authenticating the consumer, restricting 
access to certain portions of the method, managing con- 
sumer identities, or analyzing attributes of the consumer 
to substantially predict offer content and context. When 
amending the acceptance with consumer payment infor- 
mation, the system may also include consumer loyalty 
point information, authorization from an issuer, autho- 



rization from the system, security or wallet server autho- 
rization, consumer authentication or single use account 
number information. The system may also develop a con- 
sumer transaction database or an offer evaluation 

database. 
Brief Description of Drawings 

[0013] The above-mentioned features and advantages of the 
present invention can be more clearly understood from 
the following detailed description considered in conjunc- 
tion with the following drawings, in which like numerals 
represent like elements and in which: 

[0014] FIG. 1 illustrates an exemplary embodiment of a system in 
accordance with the invention for facilitating interaction 
between a consumer and a merchant; and 

[0015] FIG. 2 is a flow chart illustrating an exemplary method in 

accordance with the invention for facilitating interaction 

between a consumer and a merchant. 
Detailed Description 

[0016] The present invention facilitates interaction between a 

consumer 110 and a merchant 130. In an exemplary em- 
bodiment, the invention is illustrated with reference to 
presentation of advertisements and offers for products 



115 provided by a merchant 130 to a consumer 110. In 
describing the invention, reference will be made to an in- 
teractive television system configured for facilitating in- 
teraction between a consumer 110 and a merchant 130, 
but the invention is not limited to this illustrative embodi- 
ment. For example, the interactive television system may 
include broadcasts via internet, email, cellular phone, per- 
sonal digital assistant or any other broadcast which pro- 
vides advertisement, information or offer information to 
the consumer 110. Merchant, as used herein, includes any 
one or more software, hardware, business, organization, 
consumer or any other entity that may sell, barter, pro- 
mote, license, rent, distribute or participate in any process 
for transferring a product. Product 115, as used herein, 
includes one or more of a good, service, soft good (e.g., 
content, programming) or any other item. Consumer 110, 
as used herein, includes one or more of groups of con- 
sumers, individual, employee, employer, software, hard- 
ware, business, organization, merchant or any other en- 
tity. The invention, however, is not limited to such con- 
sumers or such merchants, nor is it limited to communi- 
cations involving offers and advertisements. It is fully 
contemplated that the invention applies generally to facil- 



itating any communications between a merchant 130 and 
a consumer 110. Further, wherever this description refers 
to the communication of information to a consumer, it is 
contemplated that the recipient of the information may be 
a system controlled by a consumer, a point of sale office, 
a global distribution system, a consumer, a party finan- 
cially related to the consumer, or any other consumer of 
the system. 

[0017] | n an exemplary embodiment, the system 100, including 
the components shown in Figure 1, may be configured as 
a data processing system that includes a processor for 
processing digital data, one or more memory coupled to 
the processor for storing digital data, means, coupled to 
the one or more memory, for inputting digital data, and a 
display 101 coupled to the processor and memory for dis- 
playing information derived from digital data processed 
by the processor. In one embodiment, an interface device 
120 may be configured as an application program, may be 
stored in memory, and may be accessible by the processor 
for directing processing of digital data by the processor 
and the presentation of information via the display 101. In 
another embodiment, interface device may include a pro- 
cessor and a memory which stores an application pro- 



gram, wherein the application program may be accessible 
by the processor for directing processing of digital data 
by the processor. The interface device 120, databases 
107, 108, display 101, broadcast device 160, or any other 
hardware or software of the present invention may be in- 
corporated into an integrated circuit card, personal digital 
assistant, single computer, more than one computer with 
suitable interfaces or other similar devices. As those 
skilled in the art will appreciate, each computer may in- 
clude an operating system (e.g., Windows NT, 
95/98/2000, Linux, Solaris, etc.) as well as various con- 
ventional support software and drivers typically associated 
with computers. The computers can be in a home or busi- 
ness environment with access to a network. In an exem- 
plary embodiment, interface device 120 may be local 
hardware and /or software which may receive data from 
external sources or interface device 120 may be hardware 
and/or software remote from the consumer, but the inter- 
face device 120 may receive information from the con- 
sumer through any communication device or method dis- 
cussed herein, including, for example, the Internet 
through a commercially-available web-browser software 
package. 



[0018] As those skilled in the art will appreciate the memory 

and/or the processor may be configured as a smart card 
that may be employed in conjunction with the system to 
enable, enhance, and/or configure the system when in- 
stalled and that may disable the system when removed. It 
should be appreciated that such a smart card may be em- 
ployed by being physically inserted into and/or removed 
from the system or may be implemented remotely in a 
hard-wired box, a wireless remote control, or another 
complementary auxiliary device such as a hard-wired or 
wireless telephone. 

[0019] | n accordance with a preferred embodiment, the system 

100 includes a first database 107 that may include identi- 
fication, demographic, restriction, preference, shipping 
data, identity verification, authentication data and/or any 
other information relating to the consumer 110. In addi- 
tion, a second database 108 includes payment informa- 
tion (e.g., financial account information, loyalty informa- 
tion, etc) describing how the consumer 110 may wish to 
pay for transactions in accordance with the acceptance of 
one or more offer. The two databases 107, 108 can, of 
course, be combined as a single database or multiple 
databases including all of the above information. The 



databases, as used herein, may be incorporated into a 
smart card and/or the databases may also include exter- 
nal databases wherein similar or additional information 
may be acquired. Moreover, the databases discussed 
herein may be any type of database, such as relational, hi- 
erarchical, object-oriented, and/or the like. Common 
database products that may be used to implement the 
databases include DB2 by IBM (White Plains, NY), any of 
the database products available from Oracle Corporation 
(Redwood Shores, CA), Microsoft Access or MSSQL by Mi- 
crosoft Corporation (Redmond, Washington), or any other 
database product. The database may be organized in any 
suitable manner, including as data tables or lookup tables. 
Association of certain data may be accomplished through 
any data association technique known and practiced in the 
art. For example, the association may be accomplished ei- 
ther manually or automatically. Automatic association 
techniques may include, for example, a database search, a 
database merge, GREP, AGREP, SQL, and/or the like. The 
association step may be accomplished by a database 
merge function, for example, using a "key field"in each of 
the manufacturer and retailer data tables. A "key 
field"partitions the database according to the high-level 



class of objects defined by the key field. For example, a 
certain class may be designated as a key field in both the 
first data table and the second data table, and the two 
data tables may then be merged on the basis of the class 
data in the key field. In this embodiment, the data corre- 
sponding to the key field in each of the merged data ta- 
bles is preferably the same. However, data tables having 
similar, though not identical, data in the key fields may 
also be merged by using AGREP, for example. 
[0020] Each consumer may be equipped with a computing system 
to facilitate communication, including presentations of 
advertisements, offers, and the like , between a merchant 
130, an interface device 120, and a consumer 110. The 
consumer 110 may have a computing unit in the form of a 
personal computer, although other types of computing 
units may be used including laptops, notebooks, hand 
held computers, set-top boxes, and the like. The display 
101 that is coupled to the computing unit may be config- 
ured to present television programming or web broad- 
casts 160, which may be received from a recording/play- 
back device such as a digital video recorder (DVR), per- 
sonal video recorder (PVR), VCR, DVD or any other similar 
device for transmitting signals and/or may be received 



through a broadcast transmission such as cable transmis- 
sion, satellite transmission, UHF transmission, VHF trans- 
mission, WiFi and the like. The point of sale office has a 
computing unit implemented in the form of a computer- 
server, although other implementations are possible. The 
merchant 130 may have a computing center in the form of 
a main frame computer. However, the merchant 130 may 
be implemented in other forms, such as a mini-computer, 
a PC server, a network set of computers, and the like. 
[0021] The presentation of advertisements and/or offers and the 
facilitation of communication between the merchant 130 
and the consumer 110 may necessitate additional com- 
munication among various third party institutions such as 
financial institutions and other providers of goods or ser- 
vices, e.g., shippers, payment escrow companies, and the 
like. The computers of the various parties may be inter- 
connected via a second network, referred to as a transac- 
tion network. The transaction network represents existing 
proprietary networks that presently accommodate elec- 
tronic communications and transactions. The transaction 
network may be a closed network that is assumed to be 
secure from eavesdroppers. Examples of the transaction 
network include the American Express®, VisaNet®and the 



Veriphone® network. 

[0022] Communication between the parties to the advertisement, 
offer, and acceptance transaction and the system 100 may 
be accomplished through any suitable communication 
means, such as, for example, a telephone network, In- 
tranet, Internet, point of interaction device (point of sale 
device, personal digital assistant, cellular phone, kiosk, 
etc.), infrared remote control, hard-wired remote control, 
UHF remote control, online communications, off-line 
communications, wireless communications, WiFi, digital 
video recorder (DVR), personal video recorder (PVR) and/ 
or the like. One skilled in the art will also appreciate that, 
for security reasons, any databases, systems, or compo- 
nents of the present invention may consist of any combi- 
nation of databases or components at a single location or 
at multiple locations, wherein each database or system in- 
cludes any of various suitable security features (e.g., au- 
thentication, embedded certificates, consumer ID/ 
password, transmitted identifier, etc. as further described 
below), such as firewalls, access codes, encryption, de- 
encryption, compression, decompression, and/or the like. 

[0023] The computing units may be connected with each other 
via a data communication network that may be a public 



network and that may be assumed to be insecure and 
open to eavesdroppers. In an exemplary embodiment, the 
network may be embodied as the internet. In this context, 
the computers may or may not be connected to the inter- 
net at all times. For instance, a consumer or point of sale 
computer may employ a modem to occasionally connect 
to the internet, whereas the interface computing center or 
the global reservation system computer might maintain a 
permanent connection to the internet. Specific information 
related to the protocols, standards, and application soft- 
ware utilized in connection with the Internet may not be 
discussed herein. For further information regarding such 
details, see, for example, Dilip Naik, Internet Standards 
and Protocols (1998); Java 2 Complete, various authors, 
(Sybex 1999); Deborah Ray and Eric Ray, Mastering HTML 
4.0 (1997). Loshin, TCP/IP Clearly Explained (1997). All of 
these texts are hereby incorporated by reference. 
[0024] The systems may be suitably coupled to the network via 
data links. A variety of conventional communications me- 
dia and protocols may be used for data links. Such as, for 
example, a connection to an Internet Service Provider (ISP) 
over the local loop as is typically used in connection with 
standard modem communication, cable modem, Dish net- 



works, ISDN, Digital Subscriber Line (DSL), or various 
wireless communication methods. Consumer systems 
might also reside within a local area network (LAN) which 
interfaces to network via a leased line (Tl, D3, etc.). Such 
communication methods are well known in the art, and 
are covered in a variety of standard texts. See, e.g., Gilbert 
Held, Understanding Data Communications (1996), hereby 
incorporated by reference. 

[0025] The system and its functional elements may be imple- 
mented and distributed among the various parties. In an 
exemplary implementation, the transaction network may 
be implemented as computer software modules loaded 
onto the various computer systems of some of the parties 
(e.g., the point of sale office and the merchant), so that 
the computers of the other parties (e.g., the consumers) 
may not require any additional software to participate in 
the transactions supported by the transaction system. 

[0026] The computers discussed herein may provide a suitable 

website or other Internet-based graphical consumer inter- 
face which is accessible by consumers. In one embodi- 
ment, the Internet Information Server, Microsoft Transac- 
tion Server, and Microsoft SQL Server, are used in con- 
junction with the Microsoft operating system, Microsoft 



NT web server software, a Microsoft SQL database system, 
and a Microsoft Commerce Server. Additionally, compo- 
nents such as Access or SQL Server, Oracle, Sybase, In- 
formix MySQL, Intervase, etc., may be used to provide an 
ADO-compliant database management system. The term 
"webpage" as it is used herein is not meant to limit the 
type of documents and applications that might be used to 
interact with the consumer. For example, a typical website 
might include, in addition to standard HTML documents, 
various forms, Java applets, Javascript, active server pages 
(ASP), common gateway interface scripts (CGI), extensible 
markup language (XML), dynamic HTML, cascading style 
sheets (CSS), helper applications, plug-ins, and the like. 
[0027] A n exemplary method 200 of the present invention is set 
forth in Figure 2. The interaction process 200 may include 
a registration process (step 205). The registration process 
may require a consumer to complete an application 
through any process, such as, for example, input into on- 
line data fields, providing information to a telephone rep- 
resentative, completing a paper form and sending the 
form to the host and/or the like. The information may 
then be stored in databases 107 or 108 which may be ac- 
cessed by interface device 120. 



[0028] The registration process may request information about 
the consumer such as, for example, product preferences, 
payment information, payment preferences, contact pref- 
erences (e.g., time of day, medium, etc), restrictions on 
use of the system, restrictions on payment and/or the 
like. The registration process may also request any de- 
sired restrictions or limitations related to transaction 
types, products, merchants, accounts, consumers, prefer- 
ences, changes to preferences, changes to registration or 
any other data, display of certain advertisements, accept- 
able fees (e.g., delivery, service charges, etc), shipping 
addresses, disclosing certain data, number of transac- 
tions, duration of use, and/or the like. These restrictions 
may be valuable to consumers that are, for example, par- 
ents who want to restrict minors' use of the system or 
employers who want to restrict employee use of the sys- 
tem. 

[0029] The restrictions on use of the system may include differ- 
ent levels of access rights, wherein the employer may al- 
low certain levels of employees to access or use certain 
features or functions of the system. For example, a lower 
level employee may have system access for viewing the 
advertisements, but a higher level employee must enter an 



approval code prior to ordering the desired product. In 
this regard, each consumer or groups of consumers may 
be assigned a particular code, identification (ID) or ac- 
count number which, upon entry into the system, instructs 
the system about certain access rights or other cus- 
tomizations of the system. One skilled in the art will ap- 
preciate that any data or information related to the con- 
sumer may be used to customize the system. Moreover, 
the system may customize its operations by adapting the 
advertisement or amending the acceptance differently 
based on the specific consumer using the system. In this 
regard, for example, the system may require input of a 
certain consumer code or consumer ID such that only cer- 
tain ads or groups of ads will be displayed to that particu- 
lar consumer. 

[0030] The present invention may also allow the consumer to se- 
lect at least one authentication method for accessing the 
system or accessing certain features of the system. The 
system may allow a consumer to select a method of au- 
thentication for access to a restricted feature, where the 
restricted feature may require at least one of many meth- 
ods of authentication in order to gain access to it. The 
system may register the consumer-selected method of 



authentication such that gaining access to the restricted 
feature requires the consumer to use the pre-selected 
method of authentication. In this way, the consumer may 
select the minimum level of security required for authen- 
tication in order to access the restricted feature. Alterna- 
tively, a host may select the minimum level of security re- 
quired for authentication for accessing the restricted fea- 
ture based on predetermined characteristics of the con- 
sumer. For more information related to determining au- 
thentication methods, see for example U.S. Serial No. 
10/035,064, filed on December 27, 2001 and entitled 
METHOD AND APPARATUS FOR ENABLING A USER TO SE- 
LECT AN AUTHENTICATION METHOD, which is hereby in- 
corporated by reference. 
[0031] The present invention may also include a modular authen- 
tication means such that an authentication server module 
124 is made available to facilitate authentication of con- 
sumers from various remote applications. In one embodi- 
ment, the consumer interfaces with an authentication 
server module 124 in order to properly transmit the au- 
thentication information. The authentication module 124 
may grant the consumer various levels of access based on 
the authentication information. More specifically, interface 



device 120 receives a request to perform a task from a 
consumer. Interface device 120 forwards the request to 
module 124 that is configured to authenticate the con- 
sumer. The authentication module 124 substantially veri- 
fies the identity of the consumer, using one of a variety of 
different methods. The authentication module 124 may 
supply a session token indicative of the verification to in- 
terface device 120. Thereafter, the pre-determined per- 
missions of the consumer are determined in one of a 
number of manners, such as accessing a database. After it 
is determined that the consumer has permission to per- 
form the requested task (e.g., view offers or accept offer), 
the requested task may then be performed. The permis- 
sions may be stored in an access control list in database 
107 that contains data regarding the identity and privi- 
leges of the consumer. For more information related to 
modular authentication and session management, see for 
example U.S. Serial No. 10/334,615 filed on December 
31, 2002 and entitled METHOD AND SYSTEM FOR MODU- 
LAR AUTHENTICATION AND SESSION MANAGEMENT, which 
is hereby incorporated by reference. 
[0032] | n another embodiment, the invention may use an "iden- 
tity provider" which may be part of the authentication 



module 124 to facilitate authentication services related to 
the interface device 120. The identity provider may also 
allow a consumer to be authenticated to different inter- 
face devices 120 in order to allow access to the different 
interface devices 120. Each identity provider may commu- 
nicate with one or more interface device 120 such that a 
consumer that wishes to gain access to an interface device 
120 is authenticated through the use of the identity 
provider. A method of the present invention involves a 
consumer accessing a first interface device 120 wherein 
the interface device 120 is configured to use an identity 
provider to authenticate the consumer to determine if the 
consumer is properly authorized to use the interface de- 
vice 120. The identity provider analyzes the consumer and 
provides the authentication information to the interface 
device 120, which can then allow or deny the consumer 
access to the first interface device 120. Thereafter, when 
the consumer attempts to access a second interface de- 
vice 120 that is associated with the same identity 
provider, the second interface device 120 accesses the 
identity provider and determines that the consumer was 
recently authenticated. The identity provider then sends 
the relevant information regarding the authentication pro- 



cess to the second interface device 120, which can then 
allow or deny the consumer access to the second interface 
device's 120 services. In the event that the level of au- 
thentication was not at a sufficient level, the second inter- 
face device 120 may allow the identity provider to authen- 
ticate the consumer with a higher degree of certainty. For 
more information related to exchanging authentication 
context information, see for example U.S. Serial No. 
10/334,270 filed on December 31, 2002 and entitled 
METHOD AND SYSTEM FOR TRANSMITTING AUTHENTICA- 
TION CONTEXT INFORMATION, which is hereby incorpo- 
rated by reference. 
[0033] The registration process may also include registration of 
consumer identities. In this regard, the present invention 
may include a system and method for managing consumer 
identities. The system may include a registration compo- 
nent for the consumer identities, an ownership compo- 
nent, and an audit component. The registration compo- 
nent may be configured to register new consumers and 
establish a relationship between the consumer ID and the 
account or accounts related to the consumer ID. The own- 
ership component may be configured to define the criteria 
used to verify the ownership of the account. The audit 



component may be configured to perform periodic checks 
to validate the relationships between an account and a 
consumer ID on a regular basis. A consumer may initiate a 
registration process using the registration component. If a 
customer needs help from customer service (for example, 
the consumer lost his password), such a process can be 
initiated via the registration component. An embodiment 
of the present invention may also be used in conjunction 
with pre-existing identity management services, which 
have access to pre-existing service profile data. 
[0034] a method of the present invention for issuing identities 
associated with accounts may first receive a request for 
the creation of an identity. The request is processed by a 
component configured to determine the existing methods 
used to authenticate consumers. Thereafter, using various 
algorithms, questions are generated that can be used to 
verify the identity of the consumer. Answering the ques- 
tions correctly is indicative of the fact that the consumer 
is who he says he is, therefore the identity can be issued. 
In addition, each transaction performed under the con- 
sumer identity may be aggregated. Positive weighting can 
be assigned to successful transactions that are indicative 
of ownership of the underlying account, while negative 



weighting can be assigned to unsuccessful transactions. 
Thereafter, the weightings can be analyzed to verify that 
the consumer identity is being used by the true owner of 
the underlying account. For more information related to 
managing consumer identities, see for example U.S. Serial 
No. 10/334,271 filed on December 31, 2002 and entitled 
METHOD AND SYSTEM FOR IMPLEMENTING AND MANAG- 
ING AN ENTERPRISE IDENTITY MANAGEMENT FOR DIS- 
TRIBUTED SECURITY, which is hereby incorporated by ref- 
erence. 

[0035] After completing the registration and initial authorization 
steps, the system may receive or obtain offer or advertise- 
ment information 182 from a merchant (step 210). Upon 
receipt of the offer information 182, the interface device 
120 may retrieve consumer information from databases 
107, 108 (e.g., consumer preferences, etc) (step 220). The 
consumer information may be useful in adapting the offer 
to substantially conform to the desires, tastes, prefer- 
ences or other applicable attributes of the targeted con- 
sumer 110. The offer is then adapted in amended offer 
engine 183 (step 226).After adapting the offer (step 226), 
the adapted offer is transmitted via broadcast device 160 
to a display 101 (e.g., television, computer screen, PDA 



screen, etc) to be presented to the consumer 110 using 
the offer presentation engine 184 (step 230). One skilled 
in the art will appreciate that Offer presentation engine 
may format or otherwise manipulate the amended offer 
prior to, during or after the amended offer is broadcast to 
the display 101. 

[0036] More particularly, in one embodiment, the present inven- 
tion facilitates the creation, storage, maintenance, identi- 
fication, and retrieval, of incentive offers for presentation 
to consumers for the purpose of encouraging a desired 
set of one or more behaviors. The system may include an 
offer storage database 129 for storing offer in association 
with interface device 120, an offer retrieval engine 122 for 
finding and retrieving offers, and amended offer engine 
183 for updating and maintaining the offers in offer stor- 
age database 129. The system cooperates with an offer 
presentation engine 184 for configuring and presenting 
offers based on consumer traits and the context in which 
the offer is to be presented. Each offer may comprise both 
an offer summary and offer details. The offer storage 
database 129 is configured to store an offer summary and 
a set of offer details for each stored offer. One skilled in 
the art will appreciate that the offers are not limited to 



storage in offer storage database 129; rather, other of- 
fers, offer information, or any portion thereof, may be re- 
trieved from any other internal or external database or 
system. 

[0037] | n general, offer details may include who (e.g., the con- 
sumer) must perform what act (e.g., use or agree to pur- 
chase specific goods or services) within what time (e.g., 
during the offer period) and at what location (e.g., at a 
specified merchant) in order to receive the particular in- 
centive. The system may include a maintenance engine 
135 which may be adapted to respond to requests to cre- 
ate, modify, and delete offer summaries and offer details 
stored within the offer storage database 129. The mainte- 
nance engine 135 may also include a security mechanism 
(as set forth in step 238) adapted to authenticate a con- 
sumer before granting the consumer access to the reposi- 
tory. In accordance with an exemplary embodiment, a se- 
curity mechanism is configured to limit access to a spe- 
cific consumer or group of consumers, thereby enabling a 
maintenance engine 135 to safeguard the confidentiality 
of data within the repository and to prevent data from be- 
ing disclosed in any unauthorized or undesirable manner. 
Finally, a retrieval engine 122 includes both a search tool 



and a retrieval tool and is configured to cooperate with an 
offer presentation engine 184 for configuring and pre- 
senting offers. Accordingly, retrieval engine 122 is 
adapted to send a request to the offer storage database 
129, which may include additional search tools for the 
identification of an offer or set of offers. The search tool 
is configured to identify conforming offers, and the re- 
trieval engine 122 is configured to retrieve the identified 
offer or set of offers. The system may be configured to fa- 
cilitate the configuring and presenting of an offer to an 
consumer by the offer presentation engine 184. 
[0038] The system may also be configured to consider the spe- 
cific set of attributes of the consumer from consumer in- 
teractions with the system and/or information which may 
be retrieved from other sources or stored information 
about the consumer. The set of attributes may be used to 
substantially predict an optimum or desired combination 
of offer content and context based on the predicted ag- 
gregate effect of the content and context on the probabil- 
ity-discounted NPV. Predictions regarding the aggregate 
effects of multiple changes may be generated through 
methods such as root mean square, Bayesian modeling, 
and/or Monte Carlo simulation techniques. In addition, 



the system may be configured to formulate tests for the 
purpose of generating data (e.g., determining sensitivi- 
ties) useful in evaluating one or more predetermined 
levers in specific controlled circumstances. For more in- 
formation related to offer management, see for example 
U.S. Serial No. 10/091,612 filed on March 5, 2002 and 
entitled SYSTEM AND METHOD FOR INTEGRATING OFFERS, 
which is hereby incorporated by reference. 
[0039] Once the consumer has viewed, analyzed and/or per- 
ceived the offer or advertisement, if the consumer wishes 
to accept the offer, the consumer may perform the speci- 
fied act of acceptance (step 236) which may include, for 
example, selecting a simulated button on display 101, 
pressing a button or series of buttons on a remote control 
125, placing a telephone call 126, speaking into a micro- 
phone 127, using wireless device (e.g., WiFi) or perform- 
ing any other action or non-action which conveys the 
consumer's desire to accept the offer. Moreover, the con- 
sumer may be provided with phone number dialing hard- 
ware and/or software which may be coupled to the inter- 
face device 120, thereby allowing the consumer initiate 
the automatic dialing of a desired phone number that is 
displayed in the advertisement and thereby facilitate com- 



munication with the interface device 120. The acceptance 
may also be accomplished (e.g., subsequent to the time of 
its broadcast) through a digital video recorder (DVR), per- 
sonal video recorder (PVR) or similar device. The accep- 
tance device may also include software and/or hardware 
configured to transmit or provide, for example, a remote 
control ID, RFID, machine IP address, web services (e.g., 
managing consumer identities as discussed above), etc. 
The consumer action may include a predefined action or 
non-action which indicates acceptance of the offer when 
the results of the act (e.g., transmitted signal) are received 
by the system (step 240). The acceptance may also in- 
clude a security process (step 238) which may involve ad- 
ditional steps, or additional hardware and/or software. 
[0040] For more information related to the RFID devices, see for 
example U.S. Serial No. 10/192, 488filed on July 9, 2002 
and entitled SYSTEM AND METHOD FOR PAYMENT USING 
RADIO FREQUENCY IDENTIFICATION IN CONTACT AND 
CONTACTLESS TRANSACTIONS, which is hereby incorpo- 
rated by reference. Web services are applications which 
are capable of interacting with other applications over a 
communications means, such as the internet. Web ser- 
vices are typically based on standards or protocols such 



as XML, SOAP, WSDL and UDDI. Web service methods are 
well known in the art, and are covered in many standard 
texts. See, e.g., Alex Nghiem, IT Web Services: A Roadmap 
for the Enterprise (2003), hereby incorporated herein by 
reference. 

[0041] M 0re particularly, with respect to the security process 

(step 238), the acceptance process may include any secu- 
rity framework known in the art or hereafter developed. 
For example, smart card authentication, embedded cer- 
tificates, consumer ID and password, or other identifier 
transmitted through a communication device. The device 
used to perform the act of acceptance (e.g., smart card) 
may include a security engine which is used to provide 
suitable security measures with respect to the acceptance 
transaction. The security engine may utilize various au- 
thentication, data encryption, and digital signature tech- 
niques in connection with incoming and outgoing mes- 
sage packets. Suitable algorithms in the context of the 
present invention, may include, for example, DES encryp- 
tion, RSA authentication, and a variety of other symmetri- 
cal and non-symmetrical cryptographic techniques. While 
a smart card embodiment shall be described herein, one 
skilled in the art will appreciate that the smart card em- 



bodiment may alternatively include any device capable of 
receiving digital information, for example, interface device 
120, personal digital assistant, cell phone, DVR, etc. 
[0042] The smartcard embodiment may include space and secu- 
rity features within specific applications which provide 
partnering organizations the ability to construct custom 
and secure file structures. For example, a smart card con- 
sumer ID application may include an authentication EF 
which comprises information for static authentication of 
the consumer ID application. This data may be unique for 
each card, and is sufficiently complex such that counter- 
feit values cannot feasibly be created. This prevents cre- 
ation of "new" counterfeit cards (i.e., cards with new au- 
thentication data), but may not prevent creation of multi- 
ple copies of the current card. In a particular embodiment, 
authentication EF includes public key certificate fields, 
wherein the external format is identical to the internal 
format. In one embodiment, the issuer RSA key is 640 bits 
long, and the CA key is 768 bits long. For more informa- 
tion related to the secure file structures, see U.S. Patent 
No. 6,101,477 issued on August 8, 2000 and entitled 
METHODS AND APPARATUS FOR A TRAVEL- RELATED 
MULTI-FUNCTION SMARTCARD, which is hereby incorpo- 



rated by reference. 
[0043] Moreover, the smart card may also allow the downloading 
of information (e.g., advertisements, offers, database in- 
formation 107, etc) onto a smart card via a trusted third 
party. In this embodiment, the present invention may in- 
clude systems for authenticating, via cryptographic tech- 
niques, the download of information or applets onto the 
smart card via a trusted third party. An information owner 
(for example, the issuer of a smart card) may also dele- 
gate the information download to a third party. A digi- 
tally-computed acknowledgment of the download event 
may be produced using a digital "seal" or signature 
(depending upon the type of cryptographic algorithm 
used). The seal or signature may be a cryptogram gener- 
ated by the information device using cryptographic keys 
resident on the information device itself. This acknowl- 
edgment is then made available to the information owner, 
who may then test the cryptogram to determine whether 
the download was successful. For more information re- 
lated to the downloading of information onto a device ca- 
pable of receiving digital information, see for example 
U.S. Serial No. 09/522,628 filed on March 10, 2000 and 
entitled METHODS AND APPARATUS FOR AUTHENTICAT- 



ING THE DOWNLOAD OF APPLETS ONTO A SMARTCARD, 
which is hereby incorporated by reference. 

[0044] upon receipt of the offer acceptance information (step 
240), the interface device 120 may combine the accep- 
tance information with consumer identification informa- 
tion retrieved from database 107 and/or with consumer 
payment information retrieved from database 108 (step 
244). One skilled in the art will appreciate that additional 
information may be obtained from any other internal, ex- 
ternal or third party database for any desired analysis 
(e.g., authorization, promotions, loyalty points, etc) re- 
lated to the transaction or for adding additional informa- 
tion to the received acceptance information. For example, 
interface device 120 may retrieve loyalty point information 
from an external database and include loyalty points as 
part of the payment. However, the present invention is not 
limited to merely exchanging loyalty points for product. 

[0045] | n an exemplary embodiment, consumers desiring to ap- 
ply loyalty points to facilitate a particular transaction may 
use their charge card number or account number to facili- 
tate a purchase, then the system, by interfacing with the 
relevant databases may associate the charge card account 
with a loyalty account. The system may then invoke a pro- 



cess to apply a currency value credit (corresponding to a 
defined amount of loyalty points) to the consumer's des- 
ignated charge card account. This currency value credit 
may offset all or part of a corresponding purchase. There- 
fore, in this embodiment, loyalty points are not used to 
make the purchase, but may be used to offset at least part 
of a corresponding charge. The integration of the loyalty 
program and existing transaction (e.g., charge card) ac- 
count processing systems may be generally transparent to 
the merchant in that the merchant may be unaware that 
the customer is using loyalty points by offsetting at least 
part of the charge with a corresponding credit. Additional 
embodiments may relate to the crediting of a variety of 
different accounts to facilitate particular transactions. 
[0046] The present invention may or may not be integrated into a 
merchant or shopping network. The integrated embodi- 
ment of this invention may provide for an explicit and 
known relationship or interface between a merchant or 
group of merchants (i.e., shopping or redemption network 
or gateway) and an account manager (e.g., a loyalty pro- 
gram host system). The non-integrated loyalty embodi- 
ment, may allow the system to function independently of 
a merchant network, where the consumer may choose to 



redeem loyalty points for a currency equivalent credit 
without regard to a particular merchant, a network of 
merchants or a corresponding transaction. For example, a 
consumer possessing a card provider A"s (or account 
manager's) charge card and participating in an affiliated 
loyalty program, may use loyalty points to facilitate a 
transaction with any merchant that accepts card provider 
A"s charge card. 

[0047] An exemplary system and method of the loyalty portion of 
the present invention may also be generally described 
herein in terms of a transaction phase, a transaction au- 
thorization and settlement phase, and an account recon- 
ciliation phase. During the transaction phase, a loyalty 
program consumer desiring to spend accumulated loyalty 
points generally selects products or services for purchase 
from an individual merchant or a shopping/redemption 
network of merchants. For example, during the act of ac- 
ceptance (step 236), the consumer may select a "pay with 
loyalty points" button, thereby invoking a process to con- 
vert accumulated loyalty points to some currency value 
such as a credit to a consumer's financial transaction ac- 
count. After selecting a given product or service to pur- 
chase, consumers may provide their transaction card 



number and the transaction is processed as with any other 
transaction. Additionally, in one embodiment, before the 
transaction is allowed to go forward, the interface device 
120, by interfacing with certain relevant databases, may 
facilitate verification that sufficient credit is available on 
the consumer's financial transaction account and/or suf- 
ficient loyalty points are available in consumer's loyalty 
account. In this case, a charge authorization system is ac- 
cessed to compare the transaction details with account in- 
formation stored in the consumer's loyalty account and 
the consumer's transaction account. 
[0048] During this verification process, the interface device 120 
or a third party loyalty system middleware determines the 
appropriate number of loyalty points to use by imple- 
menting a conversion processor that converts the con- 
sumer's loyalty points to an appropriate currency equiva- 
lent (e.g., 100 loyalty points = $1 US). For example, taking 
into account the 100 to 1 conversation ratio, if the trans- 
action amount is $100.00, the loyalty point equivalent 
would be 10,000 points. If the consumer confirms the use 
of designated loyalty points to complete the purchase, the 
consumer's loyalty account is reduced by the appropriate 
number of loyalty points and the merchant proceeds with 



the transaction authorization and settlement phase to 
complete the transaction. 

[0049] it should be noted that the conversion ratio may vary from 
merchant to merchant according to the merchant's affilia- 
tion, if any, with the present invention or a related loyalty 
program. Through the interface device 120 or any third 
party loyalty system middleware conversion application, 
the system may adjust conversion ratios to take into ac- 
count various promotional or incentive marketing pro- 
grams in order to better serve the needs of its consumers 
or affiliated merchants. By further example, if a merchant 
or system manager desired to run a promotional program 
with a valued merchant, the conversion ratio for using 
loyalty points at the valued merchant (10 loyalty points = 
$1 US) may be twice the amount for that of an ordinary 
merchant (20 loyalty points = $1 US). 

[0050] Additional exemplary embodiments relating to the trans- 
action phase contemplate, inter alia, (1) use of a tempo- 
rary account number ("secondary transaction number") in- 
stead of a physical transaction card number, (2) integra- 
tion of a shopping or third party redemption network, (3) 
integration with external loyalty programs or commercial 
transaction networks, (4) redemption and conversion of 



loyalty points for gift products or charitable donations, (5) 
redemption and conversion of points without a corre- 
sponding purchase, e.g., for cash or statement credit, (6) 
transfer of loyalty points from one party to another, (7) 
transfer of loyalty points to different transaction instru- 
ments or consolidating points onto a single transaction 
instrument. For further information related to loyalty point 
systems, see for example U.S. Serial No. 09/834,478 filed 
on April 13, 2001 and entitled SYSTEM AND METHOD FOR 
USING LOYALTY POINTS; and U.S. Serial No. 09/836,213 
filed on April 17, 2001 and entitled SYSTEM AND METHOD 
FOR NETWORKED LOYALTY PROGRAM, which are hereby 
incorporated by reference. 
[0051] | n addition to loyalty point information, one skilled in the 
art will appreciate that the amended acceptance 132 may 
also include the consumer identification information and 
the consumer payment information.With respect to the 
payment process, an issuer 186 may further amend the 
acceptance 132 to include additional payment information 
or instructions (step 246). While the system will be de- 
scribed with respect to an issuer, one skilled in the art will 
appreciate that any issuer, acquirer or any other relevant 
party may also amend the acceptance 132 to include ad- 



ditional payment information or instructions. In one em- 
bodiment, an issuer may incorporate financial account in- 
formation or additional security features (e.g., single use 
account numbers, fraud limitations, privacy protections, 
additional authorizations, etc) into the amended accep- 
tance 132 such that the merchant, upon receiving the 
amended acceptance, may obtain authorization, submis- 
sion and settlement as is known in the art. 
[0052] with respect to the single use account numbers, the con- 
sumer may be provided with a secondary transaction 
number that is associated with the consumer's primary 
account, (e.g., charge card), wherein the interface device 
120 retrieves the secondary transaction number (the pri- 
mary charge card number may not be retrieved) from 
database 108 or directly from issuer 186. After receiving 
the secondary transaction number, the merchant may 
process this secondary transaction number, similar to any 
other credit card number. Throughout this embodiment, 
the consumer's primary charge card number may never be 
passed to the merchant or any other third party. Addition- 
ally, the secondary transaction number may also carry 
with it certain limitations-on-use conditions, where the 
transaction is not authorized unless these conditions are 



met. In generating a secondary transaction number, upon 
a consumer's or interface device 120 request, in one em- 
bodiment, the issuer generates a random number and as- 
sociates this number with the consumer's primary charge 
card account. This instantaneous and immediate genera- 
tion of a random number allows for the number to be 
used by the consumer almost immediately upon receipt. 
This process obviates the need for separate activation of 
the secondary transaction number, and minimizes the 
possibility that a secondary transaction number, once is- 
sued, will not be utilized because the consumer or card 
provider failed to "activate"it. 
[0053] During the authorization phase of the transaction process, 
the card provider receives the merchants authorization 
request and verifies that certain limitations-on-use con- 
ditions, if any, have been satisfied. If the conditions have 
been satisfied, the request is approved and the card 
provider sends the merchant an approval code. If condi- 
tions have not been met, the request is declined. Although 
the request is declined, in an exemplary embodiment, the 
secondary transaction number may not be "deactivated," 
and, as a result, may still continue through the payment 
process. An exemplary settlement process of the present 



invention involves receiving a request from a merchant to 
be paid for a particular transaction and paying the mer- 
chant. As noted above, even a secondary transaction 
number that has not been authorized or that has been de- 
nied authorization by the card provider, may proceed 
through settlement, with the incumbent risk to the mer- 
chant that the transaction (if not accompanied by a valid 
approval code) may later be charged back to the merchant 
if the transaction is disputed. During the settlement pro- 
cess, the accounts payable system pays the merchant, ref- 
erencing only the secondary transaction number. How- 
ever, prior to the accounts receivable processing, the sec- 
ondary transaction number is replaced with the primary 
account for consumer billing. The consumer's statement 
may reflect, as desired, the secondary transaction num- 
bers), the primary account number(s), all numbers or any 
combination of these numbers. For further information 
related to single use account number systems and other 
security features, see for example U.S. Serial No. 
09/800,461 filed on March 7, 2001 and entitled SYSTEM 
FOR FACILITATING A TRANSACTION, which is hereby in- 
corporated by reference. 
[0054] | n another payment process embodiment, the issuer may 



authorize the consumer payment information against a 
central authorization system. The issuer may then submit 
the payment authorization to the merchant, thereby al- 
lowing the merchant to ship or deliver the goods immedi- 
ately. This system is especially advantageous and efficient 
when dealing in soft goods such as content or program- 
ming. 

[0055] | n another payment process embodiment, instead of the 
merchant or issuer/acquirer billing the consumer, the 
system 100 may include suitable hardware and/or soft- 
ware in billing engine 190 to facilitate system 100 directly 
billing the consumer for the consumer purchases. Billing 
engine 190 may receive consumer acceptance information 
and product information, then billing engine 190 may ob- 
tain appropriate authorizations from databases internal to 
system 100 or from third party credit systems. Upon 
billing engine 190 obtaining a sufficient authorization re- 
lated to the consumer's desired purchases, interface de- 
vice 120 may notify the merchant that the charge is au- 
thorized, thereby allowing the merchant to ship the 
goods. The billing engine 190 then charges the consumer 
for the purchases and settles with the relevant merchants. 
This system may be advantageous because it allows the 



system host to better promote its own brand and it also 
may allow additional billing convenience if all of the 
charges are incorporated into the same billing statement 
as the pre-existing system billing. 
[0056] The interface device 120 may then transmit the amended 
acceptance 132 (e.g., including loyalty point value) to the 
merchant 130 (step 250). Prior to transmitting the 
amended acceptance 132 to the merchant, the system and 
method may also include authenticating or authorizing 
the transaction. One skilled in the art will appreciate that 
the authentication or authorization steps discussed herein 
may be implemented during any suitable portion of the 
method discussed herein. In an exemplary embodiment of 
the invention, a consumer is provided with a smart card 
having a standardized protocol to make credit and debit 
transactions, such as, for example, the Blue™from Ameri- 
can Express™smart card or the Europay Master- 
Card™Visa™ (EMV) smart card. The consumer utilizes the 
EMV Smartcard to interface with a wallet server to authen- 
ticate the consumer with a merchant server on a network 
through communications with a security server provided 
by a financial institution or credit provider such as, for 
example, American Express™. The consumer conducts a 



virtual purchase transaction using interface device 120 
but via the internet through a wallet server interacting 
with the security server to provide enhanced reliability and 
confidence in the transaction. 
[0057] The consumer logs onto the internet via a browser and 
selects a wallet, causing the establishment of a secure 
sockets layer link to the wallet server and, at about the 
same time, activates the consumer window. The wallet 
server requests the consumer to insert the smartcard for 
authentication to the server wallet account. With an en- 
crypted identity certificate being set, the consumer then 
selects the credit provider/financial institution, such as 
American Express, who will be providing guarantee of the 
payment, from the provider available in the wallet. The 
consumer then logs onto the merchant server, completes 
shopping, goes to the checkout screen and selects secure 
checkout. Again, the interfaces may be over a secure 
sockets layer. Next, the wallet server completes the form 
and transmits it to the merchant server, which uses an in- 
terface to a third party processor or directly to the secu- 
rity processor of the credit provider. The credit provider 
security processor uses the wallet interface to the con- 
sumer card to access smartcard functionality and gener- 



ates a signed transaction. Alternatively, the connection 
can also be used to securely update functionality as re- 
quired. The transaction card security processor authorizes 
the transaction on a "card present" basis. The merchant 
server then integrates the authorization with the wallet 
server completed form received from the wallet server and 
successfully completes the transaction, informing the 
consumer that the transaction has been successfully com- 
pleted. For further information related to authenticating 
the transaction, see for example U.S. Serial No. 
09/754,465 filed on January 4, 2001 and entitled SMART- 
CARD INTERNET AUTHORIZATION SYSTEM, which is hereby 
incorporated by reference. 
[0058] Thus, electronic transactions, such as purchase transac- 
tions, are conducted by receiving a transaction request 
from a consumer at a wallet server, issuing a challenge to 
the consumer from the wallet server, receiving a response 
from the consumer based upon the challenge, processing 
the response to verify the transaction instrument, assem- 
bling credentials (including authorization for the elec- 
tronic transaction), and interfacing with a security server 
to authenticate the transaction. The system provides the 
benefits of substantially protecting the market and the 



credit provider from fraud, transaction non-imputation, 
an ability to modify parameters on-line, and providing the 
consumer with better service at a lower cost by reducing 
the costs to the merchant because the entire process is 
substantially transparent to the merchant. 
[0059] Finally, once the merchant has received the amended ac- 
ceptance 132 (step 260), the merchant may complete the 
transaction by dispatching the goods or services to the 
consumer (step 270) and reconciling the consumer's ac- 
count (step 278) as is known in the art. As with traditional 
purchases using transaction cards, the transaction card 
details (e.g., transaction card number, expiration date, 
etc) are provided to the merchant or shopping network 
system to complete the transaction. The merchant may 
then process this transaction card number (and associated 
transaction details) for authorization and settlement as is 
generally done with routine transaction card purchases. 
The transaction authorization and settlement phase sup- 
ports the processes of submitting a transaction record to 
the account manager (e.g., card provider or acquirer) for 
payment. A financial capture system captures the financial 
information and transaction details and sends this infor- 
mation to an accounts payable system to pay the mer- 



chant and to an accounts receivable system to update the 
consumer's transaction card account record to reflect the 
transaction event and applicable charge. 

[0060] During the account reconciliation phase, if loyalty points 
are utilized, the accounts receivable system reconciles the 
charge for the particular transaction with a credit from the 
consumer's loyalty account. In one embodiment, for each 
charge where the consumer selected to pay with loyalty 
points, there will be a corresponding and offsetting 
charge to the account. In another embodiment, where the 
account consumer desires to pay only part of the transac- 
tion amount with loyalty points, the loyalty credit will only 
partially offset the merchant charge and the remainder 
will be paid with the consumer's transaction card. In a 
third embodiment, there may be a credit from a con- 
sumer's loyalty account without a corresponding transac- 
tion charge, such as is the case with a gift certificate em- 
bodiment, where the points are converted to a currency 
credit and issued in the form of a gift certificate; or stored 
on or downloaded to a stored value card or smart card. 

[0061] | n another embodiment, the system may conduct an on- 
line "card-present" transaction that authenticates the con- 
sumer and facilitates the secure exchange of consumer 



payment and delivery information between a merchant 
and a host system while reducing or eliminating the need 
for an online wallet and/or merchant profiling. In particu- 
lar, a consumer desiring to conduct a transaction with a 
merchant over a computerized network is redirected to a 
host system, which issues a challenge string to the con- 
sumer. The consumer inserts a smart card into a smart 
card reader and enters an appropriate PIN. The challenge 
string is signed and transmitted with the digital certificate 
to the host system, where the consumer is authenticated. 
The host system next retrieves the consumer's transac- 
tion account information (e.g., credit card account) from a 
consumer database. The host system then generates a 
temporary transaction number and associates the tempo- 
rary number with the consumer's transaction account. The 
temporary transaction number and other related payment 
and delivery information is then transmitted from the host 
system to the merchant via an authenticated communica- 
tion channel. This authenticated communication channel 
may be established by several methods, including various 
cryptographic techniques. In an exemplary embodiment, 
the appropriate account information data (e.g., transac- 
tion number, etc.) and/or a token signature is embedded 



within a consumer"s browser and transmitted from the 
host system to the merchant by redirecting the con- 
sumer's browser to the merchant site. 
[0062] Once at the merchant site, the merchant decodes this to- 
ken with a public key, thereby confirming the origination 
and authenticity of the account information data. In an- 
other exemplary embodiment, the merchant, upon receiv- 
ing the temporary transaction number and data from the 
consumer's browser, queries the host system through a 
second communication channel to confirm the authentic- 
ity of the transaction data. Once the communication chan- 
nel is confirmed, transaction data may be confidently 
transmitted from the host system to the merchant. Be- 
cause an established line of communication is contem- 
plated, the merchant payment and delivery fields are 
known and profiling (scraping or crawling) the website is 
not necessary. For further information related to facilitat- 
ing a card present transaction over a distributed network, 
and improving the automation and security of online 
transactions by enhancing consumer authentication via an 
improved authentication process and more securely trans- 
mitting consumer transaction data between a host system 
and a merchant, see for example Serial No. 09/943,658 



filed on August 30, 2001 and entitled ONLINE CARD 
PRESENT TRANSACTION, which is hereby incorporated by 
reference. 

[0063] it should also be noted that the merchant may also de- 
velop a consumer, transaction/offer database (step 280) 
based on offers presented and/or accepted as well as 
consumer information acquired. In an exemplary embodi- 
ment, an event tracker is configured to track the content 
and/or context of presented offers as well as the demo- 
graphic attributes of consumers and the results following 
offer presentation (e.g., which offers are accepted by the 
consumer). In an exemplary embodiment, an event tracker 
123 within interface device 120 is configured to record 
consumer responses to presented offers (e.g., offer pre- 
sentments, offer requests, requests for further informa- 
tion, and offer acceptance) and to accommodate delays 
between offer presentment and offer acceptance. An offer 
evaluator 121 is configured to determine the actual ef- 
fects of changes in content of offers on NPV and likeli- 
hood of acceptance. Accordingly, offer evaluator 121 is 
configured to assess the effect of a change in the presen- 
tation context of one or more offers on likelihood of ac- 
ceptance of the offers. In addition, offer evaluator 121 is 



configured to assess the effects of changes in offer con- 
tent and/or offer presentment context on probability-dis- 
counted NPV. Finally, offer evaluator 121 is configured to 
correlate results of such assessments to identified con- 
sumer attributes (e.g., to group demographic profiles ac- 
cording to results). For more information related to facili- 
tating the effective management of the formulation, stor- 
age, presentation, tracking and/or evaluation of offers for 
presentation to consumers for the purpose of encouraging 
a desired set of one or more behaviors, see for example 
U.S. Serial No. 10/356,895 filed on February 3, 2003 and 
entitled SYSTEM AND METHOD FOR ADMINISTERING IN- 
CENTIVE OFFERS, which is hereby incorporated by refer- 
ence. 

[0064] | n these and other steps in accordance with the invention, 
a computer is identified as the operative instrument for 
carrying out the steps. In accordance with a preferred em- 
bodiment of the invention, all steps in the process are 
carried out on a centralized computer that has access to 
all of the relevant databases. Alternatively, the functions 
carried out by computer can be carried out by a plurality 
of local computers, preferably localized computers that 
are linked together. 



[0065] Thus it is apparent that there has been provided, in accor- 
dance with the invention, a system and method that fully 
meet the needs specified above. Although the system and 
method have been described and illustrated with refer- 
ence to specific illustrative embodiments, it is not in- 
tended that the invention be limited to these illustrative 
embodiments. Those skilled in the art will recognize that 
many variations and modifications to these illustrative 
embodiments are possible without departing from the 
spirit and scope of the appended claims. For example, as 
noted above, the databases that have been referred to can 
be individual databases, a single central database, or 
databases partitioned in ways other than as illustrated in 
the figures. Preferably the invention is practiced through 
use of a single central computer which can contain all 
transactions for a particular consumer, regardless of loca- 
tion of that consumer or various departments, divisions or 
other segments of that consumer. 

[0066] while the network primarily discussed herein relates to an 
interactive television (ITV) network, it will be appreciated 
that many applications of the present invention could be 
formulated. One skilled in the art will appreciate that the 
network may include any system for exchanging data or 



transacting business, such as web broadcasts, the Inter- 
net, an intranet, an extranet, WAN, LAN, satellite commu- 
nications, and/or the like. The consumers may interact 
with the system via any input device such as a keyboard, 
mouse, kiosk, personal digital assistant, handheld com- 
puter (e.g., Palm Pilot®), cellular phone, integrated circuit 
card and/or the like. Similarly, the invention could be used 
in conjunction with any type of personal computer, net- 
work computer, workstation, minicomputer, mainframe, 
or the like running any operating system such as any ver- 
sion of Windows, Windows NT, Windows2000, Windows 
98, Windows 95, MacOS, OS/2, BeOS, Linux, UNIX, Solaris 
or the like. Moreover, although the invention is frequently 
described herein as being implemented with TCP/IP com- 
munications protocols, it will be readily understood that 
the invention could also be implemented using IPX, Ap- 
pletalk, IP-6, NetBIOS, OSI or any number of existing or 
future protocols. Moreover, the system contemplates the 
use, sale or distribution of any goods, services or infor- 
mation over any network having similar functionality de- 
scribed herein. 

[0067] | t should be appreciated that the particular implementa- 
tions shown and described herein are illustrative of the 



invention and its best mode and are not intended to oth- 
erwise limit the scope of the present invention in anyway. 
Indeed, for the sake of brevity, conventional data net- 
working, application development and other functional 
aspects of the systems (and components of the individual 
operating components of the systems) may not be de- 
scribed in detail herein. Furthermore, the connecting lines 
shown in the various figures contained herein are in- 
tended to represent exemplary functional relationships 
and/or physical couplings between the various elements. 
It should be noted that many alternative or additional 
functional relationships or physical connections may be 
present in a practical electronic transaction system. 
[0068] As will be appreciated by one of ordinary skill in the art, 
the present invention may be embodied as a method, a 
data processing system, a device for data processing, 
and/or a computer program product. Accordingly, the 
present invention may take the form of an entirely soft- 
ware embodiment, an entirely hardware embodiment, or 
an embodiment combining aspects of both software and 
hardware. Furthermore, the present invention may take 
the form of a computer program product on a computer- 
readable storage medium having computer-readable pro- 



gram code means embodied in the storage medium. Any 
suitable computer-readable storage medium may be uti- 
lized, including hard disks, CD-ROM, optical storage de- 
vices, magnetic storage devices, and/or the like. 
[0069] The present invention may be described herein in terms of 
functional block components, screen shots, optional se- 
lections, various processing steps, block diagrams and 
flowchart illustrations of methods, apparatus (e.g., sys- 
tems), and computer program products according to vari- 
ous aspects of the invention. It should be appreciated that 
such functional blocks may be realized by any number of 
hardware and/or software components configured to per- 
form the specified functions. For example, the present in- 
vention may employ various integrated circuit compo- 
nents, e.g., memory elements, processing elements, logic 
elements, look-up tables, and the like, which may carry 
out a variety of functions under the control of one or more 
microprocessors or other control devices. It will further be 
understood that each functional block of the block dia- 
grams and the flowchart illustrations, and combinations of 
functional blocks in the block diagrams and flowchart il- 
lustrations, respectively, can be implemented by computer 
program instructions. These computer program instruc- 



tions may be loaded onto a general purpose computer, 
special purpose computer, or other programmable data 
processing apparatus to produce a machine, such that the 
instructions which execute on the computer or other pro- 
grammable data processing apparatus create means for 
implementing the functions specified in the flowchart 
block or blocks. 
[0070] The software elements of the present invention may be 

implemented with any programming or scripting language 
such as C, C+ + , Java, COBOL, assembler, PERL, Visual Ba- 
sic, SQL Stored Procedures, extensible markup language 
(XML), with the various algorithms being implemented 
with any combination of data structures, objects, pro- 
cesses, routines or other programming elements. These 
computer program instructions may also be stored in a 
computer-readable memory that can direct a computer or 
other programmable data processing apparatus to func- 
tion in a particular manner, such that the instructions 
stored in the computer-readable memory produce an arti- 
cle of manufacture including instruction means which im- 
plement the function specified in the flowchart block or 
blocks. The computer program instructions may also be 
loaded onto a computer or other programmable data pro- 



cessing apparatus to cause a series of operational steps to 
be performed on the computer or other programmable 
apparatus to produce a computer-implemented process 
such that the instructions which execute on the computer 
or other programmable apparatus provide steps for im- 
plementing the functions specified in the flowchart block 
or blocks. 

[0071] Accordingly, functional blocks of the block diagrams and 
flowchart illustrations support combinations of means for 
performing the specified functions, combinations of steps 
for performing the specified functions, and program in- 
struction means for performing the specified functions. It 
will also be understood that each functional block of the 
block diagrams and flowchart illustrations, and combina- 
tions of functional blocks in the block diagrams and 
flowchart illustrations, can be implemented by either spe- 
cial purpose hardware-based computer systems which 
perform the specified functions or steps, or suitable com- 
binations of special purpose hardware and computer in- 
structions. 

[0072] Further, it should be noted that the present invention may 
employ any number of conventional techniques for data 
transmission, signaling, data processing, network control, 



and the like. Still further, the invention could be used to 
detect or prevent security issues with a consumer-side 
scripting language, such as JavaScript, VBScript or the like. 
For a basic introduction of cryptography and network se- 
curity, the following may be helpful references: (1) "Ap- 
plied Cryptography: Protocols, Algorithms, And Source 
Code In C,"by Bruce Schneier, published by John Wiley & 
Sons (second edition, 1996); (2) "Java Cryptography" by 
Jonathan Knudson, published by 0"Reilly & Associates 
(1998); (3) "Cryptography & Network Security: Principles & 
Practice" by William Stalling, published by Prentice Hall; all 
of which are hereby incorporated by reference. 
[0073] | n the foregoing specification, the invention has been de- 
scribed with reference to specific embodiments. However, 
it will be appreciated that various modifications and 
changes can be made without departing from the scope of 
the present invention. The specification and figures are to 
be regarded in an illustrative manner, rather than a re- 
strictive one, and all such modifications are intended to 
be included within the scope of present invention. For ex- 
ample, the steps recited in any of the method or process 
descriptions may be executed in any order and are not 
limited to the order presented. 



[0074] Benefits, other advantages, and solutions to problems 
have been described above with regard to specific em- 
bodiments. However, the benefits, advantages, solutions 
to problems, and any element(s) that may cause any ben- 
efit, advantage, or solution to occur or become more pro- 
nounced are not to be construed as critical, required, or 
essential features. As used herein, the terms "comprises", 
"comprising", or any other variation thereof, are intended 
to cover a non-exclusive inclusion, such that a process, 
method, article, or apparatus that comprises a list of ele- 
ments does not include only those elements but may in- 
clude other elements not expressly listed or inherent to 
such process, method, article, or apparatus. Further, no 
element described herein is required for the practice of 
the invention unless expressly described as "essential"or 
"critical". 



